Better handle certificates where old self signatures are stripped
  - If a certificate is not valid when a packet signature is made, but
    is valid now, detect this and return `NotTrusted`.  This happens
    when old self signatures are stripped.

  - Fixes #46
nwalfield committed May 4, 2023
1 parent e4994db commit 642e913
Showing 1 changed file with 24 additions and 0 deletions.
24 changes: 24 additions & 0 deletions src/lib.rs
Expand Up @@ -809,6 +809,30 @@ fn pgp_verify_signature(key: Option<&PgpDigParams>,
"Certificate {} invalid: policy violation",
cert.keyid());
cert.with_policy(NP, sig_time)
})
.or_else(|err| {
// Try again, but use the current time as a reference
// time. This is necessary if older self-signatures
// are stripped.
legacy = true;
match cert.with_policy(p, None) {
Ok(vc) => {
add_lint!(
None,
"Certificate has no valid binding signature \
as of the signature's creation time, but \
is valid now. The certificate has probably \
been stripped or minimized.");
Ok(vc)
}
Err(err2) => {
add_lint!(
Some(err),
"Certificate {} invalid: policy violation",
cert.keyid());
Err(err2)
}
}
})?;

if let Err(err) = vc.alive() {
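Review bot: In the `Ok(vc)` arm of the new `.or_else`, the certificate is validated with `cert.with_policy(p, None)`, that is, against the current time instead of `sig_time`, and the only thing visible in this hunk that keeps the result from being treated as an ordinary success is `legacy = true;`. The commit message says this case must end in `NotTrusted`, but the hunk does not show where `legacy` is consumed, so a comment at the assignment stating that it forces `NotTrusted` further down in `pgp_verify_signature` would make the security property checkable from here. Two smaller points: the `Err(err2)` arm lints the original `err` but returns `err2`, so the logged and the returned error can differ, and the "stripped or minimized" lint omits the `cert.keyid()` that the failure lint includes. The change touches only `src/lib.rs` and all 24 added lines are in this hunk, so no test accompanies it; a regression test for #46 using a certificate whose older self-signatures are stripped would pin the behaviour.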